Mozilla keeps opening new tabs
Hello dear Trojaner Board team,
for some time now my Firefox has been opening new tabs on its own with all sorts of advertising.
On top of that, on the pages I am on, I keep getting small windows with ads for all kinds of things such as games, fashion, etc., which I can then close by clicking an X. But these also keep coming back.
I ran a scan, but beyond that I don't really know anything about this.
I am asking for help,
best regards and many thanks in advance
Code:
ComboFix 14-07-29.01 - Markus 29.07.2014 15:45:19.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.8007.6162 [GMT 2:00]
ausgeführt von:: c:\users\Markus\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\374311380
c:\programdata\Fast And Safe
c:\programdata\Fast And Safe\FastAndSafe.dll
c:\programdata\Fast And Safe\FastAndSafe_x64.dll
c:\programdata\Fast And Safe\FastAndSafeSvc.dll
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\assembly\tmp
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghcdgpmhjhikmldekhhgpaplffndalcf_0.localstorage-journal
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ghcdgpmhjhikmldekhhgpaplffndalcf_0.localstorage
c:\users\Markus\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Markus\AppData\Local\nsbB897.tmp
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\Markus\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\bootstrap.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\chrome.manifest
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\content\bg.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\eeoaaaye@o-qjgl.edu\install.rdf
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\bootstrap.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\chrome.manifest
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\content\bg.js
c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\rhooy@kafnvxxz.co.uk\install.rdf
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\background.html
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\content.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\lsdb.js
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\manifest.json
c:\users\UpdatusUser\AppData\Local\Torch\User Data\Default\Extensions\ldejkdgbaoihmkpoddmaiokkfadiogmf\2.0\Q2mGGUdhl6.js
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-28 bis 2014-07-29 ))))))))))))))))))))))))))))))
.
.
2014-07-29 13:49 . 2014-07-29 13:49 -------- d-----w- c:\users\Markus\AppData\Local\temp
2014-07-29 13:49 . 2014-07-29 13:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-29 13:49 . 2014-07-29 13:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-07-29 13:05 . 2014-07-29 13:08 -------- d-----w- C:\FRST
2014-07-29 12:53 . 2014-07-29 12:53 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDDB9506-4EFE-45F8-BFBE-0323AB4ED65C}\offreg.dll
2014-07-29 12:49 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2014-07-29 12:49 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-07-29 12:49 . 2014-05-08 01:34 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-07-29 10:27 . 2014-07-29 10:27 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2014-07-29 10:05 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDDB9506-4EFE-45F8-BFBE-0323AB4ED65C}\mpengine.dll
2014-07-28 13:32 . 2014-07-28 13:32 -------- d-----w- c:\program files (x86)\WowCouponn
2014-07-25 13:26 . 2014-07-25 13:28 -------- d-----w- c:\users\Markus\AppData\Roaming\Probit Software
2014-07-25 13:23 . 2014-07-25 13:23 -------- d-----w- c:\users\Markus\AppData\Local\com
2014-07-25 13:21 . 2014-07-25 13:21 -------- d-----w- c:\programdata\IePluginServices
2014-07-25 13:21 . 2014-07-25 13:21 -------- d-----w- c:\program files (x86)\SupTab
2014-07-25 13:21 . 2014-07-25 13:23 -------- d-----w- c:\programdata\WindowsMangerProtect
2014-07-25 13:20 . 2014-07-28 13:26 -------- d-----w- c:\program files (x86)\globalUpdate
2014-07-25 13:20 . 2014-07-25 13:20 -------- d-----w- c:\users\Markus\AppData\Local\globalUpdate
2014-07-25 13:20 . 2014-07-25 13:22 -------- d-----w- c:\program files (x86)\video MediaPlay-Air
2014-07-25 13:20 . 2014-07-25 13:25 -------- d-----w- c:\programdata\cosstminn
2014-07-25 13:20 . 2014-07-25 13:21 -------- d-----w- c:\program files (x86)\cosstminn
2014-07-25 13:20 . 2014-07-25 13:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-25 13:20 . 2014-07-25 13:20 -------- d-----w- c:\users\Markus\AppData\Local\Chromatic Browser
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Torch
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\Markus\AppData\Local\Torch
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Google
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\Markus\AppData\Local\Comodo
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\HomeGroupUser$
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\Gast
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\Administrator
2014-07-25 13:19 . 2014-07-25 13:28 -------- d-----w- c:\program files (x86)\Probit Software
2014-07-25 13:19 . 2014-07-25 13:19 -------- d-----w- c:\users\Markus\AppData\Local\SearchProtect
2014-07-24 05:26 . 2014-07-28 13:32 -------- d-----w- c:\programdata\7a791e75f7c17ac
2014-07-24 05:25 . 2014-07-29 10:26 -------- d-----w- c:\programdata\WowCouponn
2014-07-11 12:53 . 2014-07-11 12:53 -------- d-----w- c:\program files\iPod
2014-07-11 12:53 . 2014-07-11 12:53 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-11 12:53 . 2014-07-11 12:53 -------- d-----w- c:\program files\iTunes
2014-07-11 12:53 . 2014-07-11 12:53 -------- d-----w- c:\program files (x86)\iTunes
2014-07-11 11:42 . 2014-07-11 11:42 -------- d-----w- c:\programdata\Microsoft OneDrive
2014-07-11 11:30 . 2014-07-11 11:30 -------- d-----r- C:\MSOCache
2014-07-10 09:37 . 2014-06-26 20:53 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 09:37 . 2014-06-26 20:53 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 09:34 . 2014-07-10 09:35 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-08 22:37 . 2014-06-30 22:42 394240 ----a-w- c:\windows\system32\devinv.dll
2014-07-05 09:46 . 2014-07-05 09:46 257704 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10243.bin
2014-07-03 16:50 . 2014-07-03 16:50 -------- d-----w- c:\program files (x86)\DENON_DJ
2014-07-03 15:52 . 2014-07-03 15:52 -------- dc-h--w- c:\programdata\{FA277A43-401F-4EAE-9068-FCDF88DB3EA9}
2014-07-03 15:41 . 2014-07-03 15:41 -------- dc-h--w- c:\programdata\{05C334F7-C2A4-418A-9BC8-1542AE38D62B}
2014-07-03 15:37 . 2014-07-03 15:37 -------- d-----w- c:\program files (x86)\Common Files\Native Instruments
2014-07-03 15:37 . 2014-07-03 15:37 -------- dc-h--w- c:\programdata\{033B4844-E9C3-45D2-88D9-34DDF3F91100}
2014-07-03 15:37 . 2014-07-03 15:37 -------- dc-h--w- c:\programdata\{4682E4CB-7209-4099-8AA1-580ABCCCE731}
2014-07-03 15:37 . 2014-07-03 15:37 -------- dc-h--w- c:\programdata\{D2030082-F62A-402A-9456-8009276FD896}
2014-07-03 15:37 . 2014-07-03 15:37 -------- dc-h--w- c:\programdata\{B3478C15-588A-4968-AD66-76AA98803A28}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{0CC85DFF-E70A-4AB0-968A-F1F98F4D0C67}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{662EAAEC-9E9A-4C69-A658-884E51E909BB}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{5EE4F9B1-7274-48A2-9C25-C287604C3058}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{219191E6-6846-4329-889D-7956C487D9A6}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{018F1C44-00D1-417B-B251-92A5634F74AE}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{9B09061B-0A4F-42DA-9987-7D3F452DCB09}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{9597097D-B8DC-4754-AF2D-CB61CCFC861A}
2014-07-03 15:36 . 2014-07-03 15:36 -------- dc-h--w- c:\programdata\{EB21323D-3F46-4EF0-B849-B096B7705C69}
2014-07-03 15:35 . 2014-07-03 15:35 -------- dc-h--w- c:\programdata\{9F570B21-E27A-40BE-A508-292899A7D042}
2014-07-03 15:35 . 2014-07-03 15:35 -------- dc-h--w- c:\programdata\{AF79C86B-2321-4D47-A168-2A24BA2B6A73}
2014-07-03 15:35 . 2014-07-03 15:35 -------- dc-h--w- c:\programdata\{B7C85E99-2AC6-455D-B4D1-752A56403757}
2014-07-03 15:35 . 2014-07-03 15:35 -------- dc-h--w- c:\programdata\{57B31BE2-3175-4425-9722-D2AC5F68C7BD}
2014-07-03 15:34 . 2014-07-03 15:34 -------- dc-h--w- c:\programdata\{C6A355F5-168B-4EEC-AB7C-75594F783EDB}
2014-07-03 15:34 . 2014-07-03 15:52 -------- d-----w- c:\program files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:52 -------- d-----w- c:\program files\Common Files\Native Instruments
2014-07-03 15:34 . 2014-07-03 15:37 -------- d-----w- c:\programdata\Native Instruments
2014-07-03 13:05 . 2014-07-03 13:05 -------- d-----w- c:\users\Markus\AppData\Local\LPT
2014-07-03 13:05 . 2014-07-03 13:05 -------- d-----w- c:\users\Markus\AppData\Local\Smartbar
2014-07-03 13:03 . 2014-07-03 13:07 -------- d-----w- c:\program files (x86)\Optimizer Pro
2014-07-03 11:53 . 2014-07-03 11:53 -------- d-----w- c:\program files (x86)\predm
2014-07-03 11:41 . 2014-07-25 13:25 -------- d-----w- c:\program files (x86)\Common Files\Umbrella
2014-07-03 11:41 . 2014-07-03 11:41 -------- d-----w- c:\program files (x86)\Common Files\IMGUpdater
2014-07-03 11:41 . 2014-06-18 07:54 -------- d---a-w- c:\program files (x86)\Iminent
2014-07-03 11:40 . 2014-07-03 11:54 -------- d-----w- c:\users\Markus\AppData\Local\Genesis_07031140
2014-07-03 11:40 . 2014-07-03 11:40 -------- d-----w- c:\program files\003
2014-07-03 11:26 . 2014-07-03 11:41 -------- d-----w- c:\program files (x86)\PC Speed Up
2014-07-03 11:26 . 2014-07-03 11:26 -------- d-----w- c:\users\Markus\AppData\Roaming\InetStat
2014-07-02 15:51 . 2014-07-29 13:49 -------- d-----w- c:\users\Markus\AppData\Local\assembly
2014-07-02 15:51 . 2014-07-03 10:22 -------- d-----w- c:\users\Markus\AppData\Local\Deployment
2014-07-02 15:51 . 2014-07-02 15:51 -------- d-----w- c:\users\Markus\AppData\Local\Apps
2014-07-01 13:23 . 2014-07-01 13:23 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23 -------- d-----r- c:\users\Markus\SkyDrive
2014-07-01 13:23 . 2014-07-01 13:23 -------- d-----w- c:\programdata\Microsoft SkyDrive
2014-07-01 13:20 . 2014-06-03 08:41 589008 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-07-01 13:17 . 2014-07-10 10:04 -------- d-----w- c:\program files\Microsoft Office 15
2014-07-01 08:46 . 2014-07-01 08:46 -------- d-----w- c:\users\Markus\AppData\Local\Tracker Software
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:18 . 2013-10-27 02:04 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-05-03 05:47 . 2014-06-12 00:23 3246592 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-03 03:34 . 2014-06-12 00:23 235520 ----a-w- c:\windows\system32\rdpudd.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}]
2014-07-25 13:22 579432 ----a-w- c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2012-06-02 20:25 298568 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-07-25 13:21 515464 ----a-w- c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43 223432 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43 223432 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43 223432 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Markus\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-01 1176632]
"NextLive"="c:\users\Markus\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
"Browser Infrastructure Helper"="c:\users\Markus\AppData\Local\Smartbar\Application\Smartbar.exe" [2014-06-11 28952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="c:\program files (x86)\RadioController\RfBtnHelper.exe" [2013-07-30 111216]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2012-08-15 2994880]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 64af91bf;Fast And Safe;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\System32\drivers\b57xdbd.sys;c:\windows\SYSNATIVE\drivers\b57xdbd.sys [x]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\System32\drivers\b57xdmp.sys;c:\windows\SYSNATIVE\drivers\b57xdmp.sys [x]
R3 bScsiMSa;bScsiMSa;c:\windows\System32\drivers\bScsiMSa.sys;c:\windows\SYSNATIVE\drivers\bScsiMSa.sys [x]
R3 bScsiSDa;bScsiSDa;c:\windows\System32\drivers\bScsiSDa.sys;c:\windows\SYSNATIVE\drivers\bScsiSDa.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 GlobalUpdater;GlobalUpdater;c:\program files (x86)\Common Files\IMGUpdater\IMGUpdater.exe;c:\program files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\Umbrella210.exe;c:\program files (x86)\Common Files\Umbrella\Umbrella210.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
S3 WSDScan;WSD-Scanunterstützung;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 16:35 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28 22:50]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-1.job
- c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-codedownloader.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-2.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-4.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25 13:22]
.
2014-07-29 c:\windows\Tasks\c421907c-8d5f-4b54-af6e-98e6584c00d7-5_user.job
- c:\program files (x86)\video MediaPlay-Air\c421907c-8d5f-4b54-af6e-98e6584c00d7-5.exe [2014-07-25 13:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110611171199}]
2014-07-25 13:22 786792 ----a-w- c:\program files (x86)\video MediaPlay-Air\video MediaPlay-Air-bho64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-07-11 11:43 262344 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-07-11 11:43 262344 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-07-11 11:43 262344 ----a-w- c:\users\Markus\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-06-10 10:07 2335960 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-23 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-23 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-23 441888]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
mDefault_Page_URL = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mStart Page = hxxp://myhome.vi-view.com/?type=hp&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1406294425&from=tugs&uid=TOSHIBAXMQ01ABD075_53L8P7KXTXX53L8P7KXT&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StLKYZZHUxozG7WbG8M4ZbpPFmdMdnxsM5TEzN82KrkxsAMQ2M_ucVyCiDfMqKfi8T7o6SfBNWAvVd3w2NVqtHbXB1QakofDqcezBu_mD55W29eHDqrmLA4QENdiskQFZ9MXzGUVgXaO89kx2x4S_Z5s01KLxwlX2MKGCdRC8T6vB2LLtpkVhp-9MmOw9z9BVWT2uaNGlcpA,,&q={searchTerms}
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2014-07-03 13:41; webbooster@iminent.com; c:\users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\ppfgea47.default\extensions\webbooster@iminent.com.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-LManager - (no file)
Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe
Wow6432Node-HKLM-Run-AnyProtect Scanner - c:\program files (x86)\AnyProtectEx\AnyProtect.exe
Wow6432Node-HKLM-Run-AnyProtect Tray - c:\program files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe
Wow6432Node-HKLM-Run-fst_de_75 - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf} - c:\progra~3\FASTAN~1\FASTAN~1.DLL
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-07-29 15:51:22
ComboFix-quarantined-files.txt 2014-07-29 13:51
.
Vor Suchlauf: 8 Verzeichnis(se), 643.223.506.944 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 643.253.645.312 Bytes frei
.
- - End Of File - - 7BBD587CCCCC07271DE81959EB1708D9